Yahoo, Google, Microsoft and the other Internet companies that have decried the National Security Agency’s (NSA) snooping tactics may see at least some of the changes they have been demanding. The President’s Review Group on Intelligence and Communications Technologies just issued a report with 46 recommendations that aim to balance national security, foreign policy, privacy and civil liberties.

Dubbed Liberty and Security in a Changing World, the recommendations in the report emphasize risk management and the need to consider a wide range of potential consequences, including both costs and benefits, in discussing potential reforms.

“The report emphasizes throughout that the central task is one of managing a wide assortment of risks,” according to the White House blog. “The review group is hopeful that the recommendations made here might prove helpful in striking the right balance. Free nations must protect themselves, and nations that protect themselves must remain free.”

Sweeping Changes Suggested

For starters, the report supports legislation to terminate the storage of bulk telephony metadata by the government under Section 215 of the Foreign Intelligence Surveillance Act (FISC). It also urges Congress to enact legislation authorizing telephone, Internet, and other providers to disclose publicly general information about orders they receive directing them to provide information to the government.

Next, the report sets forth several steps that the government should take to protect the privacy of non-U.S. persons. The report also recommends a series of organizational changes and calls for President Obama to create a new process to approve sensitive intelligence activities, including policy makers responsible for U.S. economic policy.

Congress should create the position of Public Interest Advocate to represent the interests of privacy and civil liberties before the court, increase the transparency of FISC decisions, and change the process by which judges are appointed, the group recommended. And it urged the creation of a newly chartered, strengthened, and independent Civil Liberties and Privacy Protection Board with authority to review government activity relating to foreign intelligence rather than only for counterterrorism.

A Good First Step

With respect to the NSA, the group proposed that the director position should be Senate-confirmed, civilians should be eligible to hold the position, and U.S. Cyber Command should be separated from the NSA so that a single person would no longer wear two hats. The report recommends that the U.S. government fully support and not undermine efforts to create strong global encryption standards, and take other measures to prompt prosperity, security, and openness on the Internet.

Finally, the report recommends a series of steps to reduce the risks associated with “insider threats.” The group said these include modifications to both personnel vetting and to network security. It also recommends the institution of a work-related access approach to the dissemination of classified information and implementation of information rights management software.

We caught up with Charles King, principal analyst at Pund-IT, to get his take on the report. He told us although the recommendations are broad, they accurately reflect the concerns of many in the wake of the Edward Snowden revelations about the NSA and related security agencies. Still, he feels less than optimistic about massive reform given the level of power that intelligence agencies have in the federal government and the reality of how deeply embedded so many of these programs are.

“There have been revelations in the past about activities by agencies ranging from the FBI to the CIA and many others that resulted in what people hoped would be systemic changes that would reduce or eliminate surveillance,” King said. “But over tine the tendency toward this type of activity seems to have increased rather than decreased. It’s a good first step and I hope that elected officials can keep up the pressure on intelligence agencies and make some change in the behaviors.”

Splunk for Free:
Find the meaning in your machine-generated data with the new Splunk Online Sandbox. It's a private workspace in the cloud where you can search, analyze, and visualize your own data, or just play around with pre-populated data sets. It's fast, it's powerful, and it's free. Click here to learn more.